Quote from: FullyBorked on Today at 03:57:47 pmQuote from: franco on Today at 03:47:04 pmApparently it's a feature they coined to be for "Windows" and default to off?tls-win-cert: yesinstead of tls-cert-bundle... can anyone confirm?Thanks,Francohttps://nlnetlabs.nl/documentation/unbound/unbound.conf/I don't see either of these entries in my unbound.conf file. Should I check somewhere else? They would be in /var/unbound/etc/dot.conf
Quote from: franco on Today at 03:47:04 pmApparently it's a feature they coined to be for "Windows" and default to off?tls-win-cert: yesinstead of tls-cert-bundle... can anyone confirm?Thanks,Francohttps://nlnetlabs.nl/documentation/unbound/unbound.conf/I don't see either of these entries in my unbound.conf file. Should I check somewhere else?
Apparently it's a feature they coined to be for "Windows" and default to off?tls-win-cert: yesinstead of tls-cert-bundle... can anyone confirm?Thanks,Francohttps://nlnetlabs.nl/documentation/unbound/unbound.conf/
No, /usr/local/opnsense/service/templates/OPNsense/Unbound/core/dot.conf otherwise it will be overwritten on apply.
> Thanks, mine is currently un-patched, I show " tls-system-cert: yes". Can you add "tls-win-cert: yes" in the line below (with the same indent) and apply from GUI?If that doesn't work "tls-cert-bundle: /usr/local/etc/ssl/cert.pem" and removing "tls-system-cert: yes" will do the trick.Cheers,Franco
Quote from: gac on Today at 03:59:08 pmQuote from: FullyBorked on Today at 03:57:47 pmQuote from: franco on Today at 03:47:04 pmApparently it's a feature they coined to be for "Windows" and default to off?tls-win-cert: yesinstead of tls-cert-bundle... can anyone confirm?Thanks,Francohttps://nlnetlabs.nl/documentation/unbound/unbound.conf/I don't see either of these entries in my unbound.conf file. Should I check somewhere else? They would be in /var/unbound/etc/dot.confHmm, ok the link he quoted mentioned the unbound.conf. My dot.conf file other than a single forwarding zone is empty.
